Linux PE
Last updated
Last updated
Once you have access to a system there are a few basic things that you can check in order to do privilege escalation. The following is a list of items that you check
Check whether the user is part of an admin group. Admin groups usually have access to backups, logs, etc
Check whether the version of linux is susceptible to any attacks
Does the tmp folder have any files or executables
Are there any cron jobs that can be modified or manipulated
Any suspicious process running that can be hijacked
What are the list of editable files by the user
Check the sudo list whether the user can execute any of those commands. This is helpful only when you have password to the user
Are there any SUID binaries
Does the root folder contain any files that are accessible by the user
Are there any interesting files within the user's home directory
Are there any loop back IP ports listening on that system